Windows Azure, the flexible and open cloud, is a step ahead by Microsoft in the cloud business. We have recently received the Windows Azure Active Directory, which industry analysts are suggesting to give a pass. So, what’s in it? Let’s take a quick look.

Windows Azure Active Directory (WAAD) service consists of three major highlights:

First, developers can connect to a REST-based Web service to create, read, update and delete identity information in the cloud for use right within their applications. They can also leverage the SSO abilities of Windows Azure Active Directory to permit individuals to use the same identity credentials used by Office 365, Dynamics CRM, Windows Intune and other Microsoft cloud products.

Second, the developer preview allows companies to synchronize their on-premises directory information with WAAD and support certain identity federation scenarios as well.

Third, the developer preview supports integration of WAAD with consumer identity networks like Facebook and Google, making for one less ID necessary to integrate identity information with apps and services.

How it works?

Office 365 is the entry point for using WAAD. Once you get an Office 365 trial for your account, you will have to create an instance of Active Directory Federation Services Version 2 (ADFS2) on your corporate network. ADFS2 basically acts as a proxy or an intermediary between the cloud and on-premises network and is the trust point for credentials. The WAAD tenant connects to this local ADFS2 instance. This will set up the cloud tenant instance of Active Directory, and allow users and groups to come straight from your on-premises directory.

After the connection is made, a tool called DirSyncruns runs and makes a copy of your local directory and then propagates itself up to the cloud tenant AD instance. Right now DirSync is only one-way; it goes only from on-premises to cloud. The process takes up to 36 hours for a full initial synchronization, especially for a large domain. Once everything is up and running, you can interact with your cloud-based AD instance.

The Verdict

In this recent release, IT pros building applications both internally and for sale can now integrate with Microsoft accounts already being used for Office 365 and other cloud services and will soon be able to, with the final release version of WAAD, integrate with other consumer directory services. That’s useful from an application-building standpoint. But for now, unless you’re running Office 365, there’s not much with which to integrate. The cross-platform and administrative stories are simply not there yet. So, Windows Azure Active Directory is interesting, but not yet compelling when compared to other cloud directory services.

Talking about the Windows Azure itself, it recently experienced a service interruption. Microsoft explained the reason for the service interruption that hit customers in Western Europe last week. The blackout happened on July 26 and made Azure’s Compute Service unavailable for about two and a half hours. Although Microsoft restored the service and knows the networking problem was a catalyst, the root cause of the issue has not been determined. Microsoft is working hard to change that.